AxCrypt Premium makes encryption simple enough for any user, and even offers public key cryptography for secure sharing of encrypted files.

In the movies, encryption always seems to involve random characters scrolling down the screen, or hackers pounding on keyboards. The reality isn't quite the same, though some encryption products are complex enough to make you want to pound your keyboard with your head. AxCrypt Premium is a breath of fresh air in this field. It offers seriously advanced encryption features in a superbly simple setting.

Many encryption tools offer a perpetual license. You can buy them once, and use them indefinitely. AxCrypt, based in Sweden, charges €3.00 per month or €24.00 per year (which is about $3.41 per month or $27.25 per year at the time of this writing). That's because some of its features are server-based. CertainSafe Digital Safety Deposit Box, which stores all your encrypted data in the cloud, runs $12 per month, which is a good bit more than AxCrypt. Note that if you're willing to settle for weakish 128-bit encryption and forego some advanced features, you can use AxCrypt for free.

What Is Encryption? When Sir Francis Bacon wanted to keep his writings safe from prying eyes, he encoded them by replacing each letter with a five-character sequence of a's and b's. A page of Baconian ciphertext is really hard to look at! Breaking that kind of cipher, however, is a simple matter of analyzing letter frequencies, though I'm sure it made Sir Francis feel safer.

Modern encryption algorithms are light-years beyond old-fashioned ciphers. Their output bears no visible relationship to the data that went in, and cracking a modern encryption algorithm would take an impossibly long time. The official encryption algorithm of the US Government is Advanced Encryption Standard (AES). Bruce Schneier's Blowfish algorithm is another much-used method.

AES, Blowfish, and many common encryption algorithms are symmetric, meaning the same key is used to encrypt and decrypt data. If you want to share an encrypted file, you must securely (and separately) transmit the key to the recipient. Public Key Infrastructure (PKI) cryptography avoids that problem. In this system, if I want to send you a file, I look up your public key and encrypt the file with it. You use your private key to decrypt the file. Conversely, if I want to prove to you that a document comes from me and hasn't been modified, I encrypt it with my private key. The fact that you can decrypt it with the public key proves that you digitally signed it with your private key.

Getting Started with AxCrypt As with most encryption tools I've tested, AxCrypt installs in a trice. The very first time you launch it, you must sign in with your email and then enter a confirmation code sent to your email address. I'll get into the reason for that later. You also must create a single master password. Like the master password for your password manager, it needs to be both strong and memorable. AxCrypt rates the password as you type, and it's a tough critic. A 16-character password containing all character types merely rated "good." Advanced Encryption Package and Ranquel Technologies CryptoForge also rate your passwords. This is the password you use to sign in online, and also the password that unlocks the product on your PC.

Advanced Encryption Package lets you choose from 17 different encryption algorithms. CryptoForge offers four, along with the option to layer in more than one of them. But do ordinary users know enough to make a choice? AxCrypt just sticks with AES, the government standard.

After that, AxCrypt is almost invisible. If you drag a file onto its window, that file gets encrypted. You can also encrypt, decrypt, and securely delete files from AxCrypt's right-click context menu. Cypherix SecureIT, InterCrypto Advanced Encryption Package 2016, and CryptoForge also offer access via context menu.

AxCrypt also lets you define one or more Secured Folders. This isn't the same as the encrypted vault protection provided by Cypherix PE and InterCrypto CryptoExpert 8, though the effect is somewhat similar. When you sign out of AxCrypt (or get signed out automatically after inactivity), the program encrypts everything in the Secured Folders.

But wait, there's more! With almost every file-encryption tool, launching an encrypted file starts the decryption process. If you want to edit the file, you must decrypt, edit, and re-encrypt. With AxCrypt, launching an encrypted file opens it in the appropriate application. When you save, your saved file is encrypted automatically. Clicking the broom icon serves to clean up any temporary files that may have been left behind.

How Is This Safe? Hold on, you may be thinking, what's to stop someone from walking up to my computer before the passphrase times out, decrypting my files, and stealing them? The answer, according to AxCrypt's FAQ, is that if your local security is lax enough to let that happen, you have a huge problem that no encryption can solve.

You absolutely need to protect your Windows login with a strong password. If you have Windows 10 and a webcam, you can add Windows Hello biometric authentication. True Key by Intel Security lets you add biometric login to other Windows versions.

Set up Windows so it automatically locks your account after inactivity. You do this by going to screen saver settings, defining the time for inactivity, and checking the box that says to display the logon screen upon resuming. This works even if you don't select a screen saver. For that matter, it's simple enough to lock your system by pressing Windows+L before leaving your desk.

The AxCrypt documentation goes into detail about other ways to protect your local security. It also points out that because it keeps the program's passphrase in memory, the user doesn't have to enter it over and over. And that should encourage the use of truly strong passphrases, which is important.

Password Management AxCrypt includes a feature called password management, but it's not what you might expect. Launching it takes you to the AxCrypt website Password Management page. Click New to add a description and password. Click Search to search your saved passwords. That's the extent of it. It's not a password management utility like LastPass 4.0 Premium or Dashlane 4.

There is one interesting feature here, however. Clicking the Suggest Password button generates a 17-character password that contains all character types but is also somewhat pronounceable. I learned more about this feature on the Password Generator webpage.

According to that page, it uses "statistical analysis of actual text," and "produces strong passwords that are not nonsensical and actually possible to remember and type." Oddly, with each click of the button it generates three passwords, strong, medium, and weak. Running it just now, I got "sabBleed'weTurld15," "va4poSeSher," and "asInatic." Even the weak password is better than what you get by default from Advanced Encryption Package's funky password manager. It defaults to generating five-character all-caps passwords like NOWAY. In testing, it also crashed when asked to do much more than that.

Secure Sharing AxCrypt makes everything about encryption simple, so you shouldn't be surprised to learn that it even makes PKI exchange of secure data simple. Here's how it works. Click the sharing button on the toolbar. Select or enter the desired contact email address. Then send an encrypted file to the recipient.

A recipient who doesn't already have AxCrypt must install the free edition, as the sharing email explains. The message comes with the necessary six-digit confirmation code already embedded, making it easy for the recipient to get started. And that's it; sharing managed.

More advanced PKI features are found under the Key Management menu. Here you can export your public key for sharing, or import a public key that's been shared with you. You can also export and import your entire account.

Advanced Encryption Package also supports PKI, but it's aimed at a vastly different audience, specifically those with technical expertise in encryption. By contrast, anybody can use AxCrypt.

Make It Easy If an encryption package is difficult or confusing to use, it won't get used. The same is true for many other kinds of security software. Firewall spewing popups? Chances are you'll just turn it off. Fortunately, AxCrypt Premium is extraordinarily easy to use. True, the fact that it keeps your passphrase in memory means that you absolutely must take care of your computer's physical security, but that's just good practice. And of course you're free to sign out of AxCrypt any time you're not using it.

This product doesn't have the biggest collection of bells and whistles. That honor surely goes to Advanced Encryption Package. But average users don't want those bells and whistles, they just want simple protection for their files. And, simple or not, AxCrypt manages to offer PKI encryption, something few competitors do. For these reasons, AxCrypt joins CertainSafe as an Editors' Choice for encryption.

Read More

About the Author

Neil Rubenking served as vice president and president of the San Francisco PC User Group for three years when the IBM PC was brand new. He was present at the formation of the Association of Shareware Professionals, and served on its board of directors. In 1986, PC Magazine brought Neil on board to handle the torrent of Turbo Pascal tips submitted b... See Full Bio

AxCrypt Premium

AxCrypt Premium

Get Our Best Stories!

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.